SHA256: 109216642720d7c15cf4d8c081985ba5a4010034d17c55a8af29109bbdc4613c
File name: ad343e1aa8fb15c5cf04dd817fd3a1dd
Detection ratio: 48 / 66
Analysis date: 2018-04-28 05:40:09 UTC ( 7 months, 3 weeks ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Symmi.83596 20180428
AegisLab Troj.W32.Generic!c 20180428
AhnLab-V3 Trojan/Win32.Refinka.C2242799 20180427
ALYac Gen:Variant.Symmi.83596 20180428
Antiy-AVL Trojan/Win32.AGeneric 20180428
Arcabit Trojan.Symmi.D1468C 20180428
Avast Win32:Malware-gen 20180428
AVG Win32:Malware-gen 20180428
Avira (no cloud) TR/Crypt.ZPACK.khbqg 20180428
AVware Trojan.Win32.Generic!BT 20180428
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20180426
BitDefender Gen:Variant.Symmi.83596 20180428
Bkav HW32.Packed.BA94 20180426
CAT-QuickHeal Trojan.IGENERIC 20180427
Comodo TrojWare.Win32.Refinka.B 20180428
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20180418
Cylance Unsafe 20180428
Cyren W32/Trojan.UOZI-0026 20180428
Emsisoft Gen:Variant.Symmi.83596 (B) 20180428
Endgame malicious (high confidence) 20180403
ESET-NOD32 a variant of Win32/Injector.DTEN 20180428
F-Secure Gen:Variant.Symmi.83596 20180428
Fortinet W32/GenKryptik.AWBE!tr 20180428
GData Gen:Variant.Symmi.83596 20180428
Ikarus Trojan.Win32.Injector 20180427
Sophos ML heuristic 20180121
K7AntiVirus Trojan ( 0051afa71 ) 20180427
K7GW Trojan ( 0051afa71 ) 20180428
Kaspersky HEUR:Trojan.Win32.Generic 20180428
Malwarebytes Trojan.Dridex 20180428
MAX malware (ai score=99) 20180428
McAfee GenericRXDD-JS!AD343E1AA8FB 20180428
McAfee-GW-Edition BehavesLike.Win32.PWSZbot.fc 20180425
Microsoft Trojan:Win32/Skeeyah.A!rfn 20180428
eScan Gen:Variant.Symmi.83596 20180428
NANO-Antivirus Trojan.Win32.Mlw.ezetxn 20180428
Palo Alto Networks (Known Signatures) generic.ml 20180428
Panda Trj/Genetic.gen 20180427
SentinelOne (Static ML) static engine - malicious 20180225
Sophos AV Mal/EncPk-ANR 20180428
Symantec Packed.Generic.517 20180427
Tencent Win32.Trojan.Generic.Lnnw 20180428
TrendMicro TSPY_EMOTET.SMZD177 20180428
TrendMicro-HouseCall TSPY_EMOTET.SMZD177 20180428
VIPRE Trojan.Win32.Generic!BT 20180428
ViRobot Trojan.Win32.Z.Symmi.360448.GM 20180428
Webroot W32.Infostealer.Dridex 20180428
ZoneAlarm by Check Point HEUR:Trojan.Win32.Generic 20180428
Alibaba 20180428
Avast-Mobile 20180428
Babable 20180406
ClamAV 20180427
CMC 20180427
Cybereason None
DrWeb 20180428
eGambit 20180428
F-Prot 20180428
Jiangmin 20180428
Kingsoft 20180428
nProtect 20180428
Qihoo-360 20180428
Rising 20180428
SUPERAntiSpyware 20180428
Symantec Mobile Insight 20180424
TheHacker 20180426
Trustlook 20180428
VBA32 20180427
Yandex 20180427
Zillya 20180427
Zoner 20180427
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows command line subsystem.
FileVersionInfo properties
Copyright © Microsoft Corporation. All rights reserved.
Product Microsoft® Windows® Operating System
Original name msvcp60.dll
Internal name msvcp60.dll
File version 7.0.7600.16385 (win7_rtm.090713-1255)
Description Windows NT C++ Runtime Library DLL
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-10-30 07:04:31
Entry Point 0x00001380
Number of sections 8
PE sections
PE imports
ReadFile
GetFileInformationByHandle
wsprintfA
midiStreamClose
PdhExpandWildCardPathW
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
ExifTool file metadata
SubsystemVersion 5.0
LinkerVersion 12.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 7.0.7600.16385
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 356352
EntryPoint 0x1380
OriginalFileName msvcp60.dll
MIMEType application/octet-stream
LegalCopyright Microsoft Corporation. All rights reserved.
FileVersion 7.0.7600.16385 (win7_rtm.090713-1255)
TimeStamp 2017:10:30 08:04:31+01:00
FileType Win32 DLL
PEType PE32
InternalName msvcp60.dll
ProductVersion 7.0.7600.16385
FileDescription Windows NT C++ Runtime Library DLL
OSVersion 4.0
FileOS Windows NT 32-bit
Subsystem Windows command line
MachineType Intel 386 or later, and compatibles
CompanyName Melcosoft Copronation
CodeSize 12288
ProductName Microsoft Windows Operating System
ProductVersionNumber 6.1.8638.16385
FileTypeExtension dll
ObjectFileType Executable application

File identification
MD5 ad343e1aa8fb15c5cf04dd817fd3a1dd
SHA1 aeb88e039111fc3d3dc9aaaa6cbd39e7d45a09d2
SHA256 109216642720d7c15cf4d8c081985ba5a4010034d17c55a8af29109bbdc4613c
ssdeep 6144:gsEdn6UZKJJqwUQ2dd1aefSYoN9bBYu2lG1QE7daBsB2QEXQD1Oc3:gtn6QkzYddtf02uTQ6daBs0JXur
authentihash 5a99c33102f932682e8d58c3050378077dd03171c25fd725b2589605bae2fe7a
imphash 1119afeb8adb1e44cd2178e2c6009861
File size 352.0 KB ( 360448 bytes )
File type Win32 DLL
Magic literal PE32 executable for MS Windows (DLL) (console) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags pedll

VirusTotal metadata
First submission 2018-03-25 19:52:33 UTC ( 8 months, 3 weeks ago )
Last submission 2018-04-28 05:40:09 UTC ( 7 months, 3 weeks ago )
File names msvcp60.dll
ad343e1aa8fb15c5cf04dd817fd3a1dd